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DETAILED ACTION 

1 . Applicant's amendment filed on May 08, 2007 has been entered. Claims 1-16, 
18-32 are pending. Claims 1-3, 5, 8, 18, 30-32 are amended by the applicant and claim 
17 is also cancelled by the applicant. 

Specification 

2. The specification is objected to as failing to provide proper antecedent basis for 
the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01 (o). Correction 
of the following is required: claims 31 and 32 are drawn to a computer program product, 
which applicant has defined in the specification (page 6, lines 10-25) to encompass an 
electronic transmission signal. The Office considers an electronic signal to be a form of 
energy. Energy is not a series of steps or acts and this is not a process. Energy is not 
a physical article or object and as such is not a machine or manufacture. Energy is not 
a combination of substances and therefore not a compilation of matter. Thus, an 
electronic transmission signal does not fall within any of the four categories of invention. 
Appropriated correction is required. 

Claim Objections 

3. Claim 17 is objected to under 37 CFR 1 .75(c), as being of improper dependent 
form for failing to further limit the subject matter of a previous claim. Applicant has 
cancelled claim 17, thus the objection has been withdrawn. 



Application/Control Number: 10/729.515 Page 3 

Art Unit: 2136 

4. Claim 1 is objected to because of the following informalities: the examiner notes 
the use of acronyms (API) throughout the claim 1 without first including a description in 
plaintext, as required. Applicant to address this objection has amended claim 1. 
Therefore the objection has been withdrawn. 

Claim Rejections - 35 USC §112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

6. Claim 5 recites the limitation "an entity" in 5. There is insufficient antecedent 
basis for this limitation in the claim. The examiner is not Clair if the entity is the same as 
the one form claim 1 or if it is a new entity. Appropriate correction is required. 

Response to Amendment 

7. Regarding Claims 1-3, 5, 6, 9-12: 

Applicant has amended the claims to recite the limitation "wtierein ttie entity 
requests access to an object on behalf of another entity^' It is noted, 
however, such this limitation was not previously recited in the claims. As such, 
this limitation is being treated as a newly added limitation and will so examined 
and argued accordingly (the same). 

On page 9 of the reply, Applicant argued that the applied prior art fails to disclose 
the newly added limitation, "wherein the entity requests access..." As noted 
above, this limitation was not previously recited in the claim. However, upon 
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closer review of the references, it is submitted that the prior art of record 
discloses such feature. 

First, Applicant is respectfully reminded that during patent examination, the 
pending claims must be "given their broadest reasonable interpretation 
consistent with the specification." (Phillips v. AWH Corp., 415 F.3d 1303, 75 
USPQ2d1321 (Fed. Cir. 2005)). See MPEP 2111. 

Applicant stated that "the cited reference discloses a system for managing 
...However, the access rights... themselves." The claims are not so limited. In 
that regard, the court explained that "reading a claim in light of the specification, 
to thereby interpret limitations explicitly recited in the claim, is a quite different 
thing from reading limitations of the specification into a claim,' to thereby narrow 
the scope of the claim by implicitly adding disclosed limitations which have no 
express basis in the claim." See MPEP 2111, In re Prater, 415 F.2d 1393, 1404- 
05, 162 USPQ 541, 550-51 (CCPA 1969), and also In re Morris, 127 F.3d 1048, 
1054-55, 44 USPQ2d 1023, 1027-28 (Fed. Cir. 1997). 

Independent claim... was rejected as being unpatenble over Garg et al 
(6,289,458). Figure 1 of Garg et al shows a [first] entity (e.g., item 20) making a 
request access to an object (e.g., item 47) on behalf of another [second] entity 
(e.g., 40), the system user. See Garg et al at column 5, lines 37-60; column 7, 
lines 58-64. As further explained in detail in column 10, lines 36-47; an 
application 220 (first entity) issues a request to a service provider module 210 to 
access control module 240. Emphasis added. 
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Therefore, the examiner submits that Garg et al discloses each and every 

r 

feature of the above claims and respectfully maintains the rejection. 

8. Regarding Claims 18-32: 

On page 10 of the response, Applicant argued that the applied references fail to 
disclose, "wherein the security options include at least one of a restricted 
audience offer or conversion of a subscription from a first type to a second 
type. This feature is taught by Corrigan et al . See column 4, lines 22-25. Also, 
as described in column 5, linesi 1-40, Corrigan et al discloses the security 
options. 

Applicant also argued, on page 10, that Corrigan et al fails to disclose, ''wherein 

the entity is attempting access on behalf of another entity" The examiner 

respectfully disagrees. Figure 3, in particular figure 5, of Corrigan et al clearly 

shows a [first] entity making a request access on behalf of another [second] 

entity. See also column 10, line 66 to column 11, line 9. 

With regard to the limitation of masking the object from the entity if permission 

does not exist as recited in claim 3, Garg et al discloses such feature. See figure 

3(b) and column 8, lines 64-67; and column 11, lines 55-62. 

There is no new ground of rejection when the basic thrust of the rejection 

remains the same. See In re Kronig, 539 F.2d 1300, 1302-03. 190 USPQ 425. 

426-27 (CCPA 1976). 
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To the extent that the response to the applicants arguments may have 
mentioned new portions of the prior art references, which were not used in the 
prior office action, this does not constitute new a new ground of rejection. It is 
clear that the prior art reference is of record and has been considered entirely by 
applicant. See In re Bover 363 F.2d 455, 458 n.2, 150 USPQ 441, 444, n.2 
(CCPA 1966) and In re Bush . 296 F.2d 491, 496, 131 USPQ 263, 267 (CCPA 
1961). 

The mere fact that additional portions of the same reference may have been 
mentioned or relied upon does not constitute new ground of rejection. In re 
Meinhardt . 392, F.2d 273, 280, 157 USPQ 270, 275 (CCPA 1968). 
Accordingly, this office action is being made final. 

Therefore, the examiner submits that the combined teaching of Garq et al and 
Corrigan eta! discloses each and every feature of the above claims and 
respectfully maintains the rejection. 
9. Regarding claims 4, 7, 8, 13-17; 

The examiner still maintains the rejection using the same rational as applied to 
claims 18-32 above. 



Claim Rejections - 35 USC § 102 
10. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 
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(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

1 1 . Claims 1-3, 5, 6,9-12 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Garget al (US 6289458). 

Claim 1: Garg etal discloses a system to provide access control to Individual 
properties of an object comprising: 

I. A platform component that receives a request to access an object 
by an entity, wherein the entity requests access to an object on behalf of 
another entity; (Figure 1 and column 5, lines 37-60 column 7 lines 58-64 
and column 10 lines 36-47); 

ii. A data store that stores security information on class of the objects 
(the data structure includes an identifier used to indicated a specific object 
property or set of properties to which the permission apply) (column 3, 
lines 35-40); and 

iii. A verification component that employs the security infomriation to 
verify that the entity has permission to call API for the object and/or 
operate on the object (the access control module provide a centralize 
standard mechanism to evaluate whether or not various request for 
operations affecting objects should be granted or denied (column 7, lines 
30-35). 

Claim 2: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1, above and further discloses that the 
verification component exposes the object is permission exists (the data 
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structures includes fields defining whether access is granted) (column 3, Iines30- 
35). 

Claim 3: Garq et al discloses a system to provide access control to individual 
properties of an object as in claim 1 , above and further discloses that the 
verification component masks the object is permission does not exist (the data 
structures includes fields defining whether access is deny) (column 3, Iines30- 
35). 

Claim 5: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 , above and further discloses that the 
verification component facilitates that partners receive full access to API's and /or 
object s for which there is a business need and partial or limited access to other 
API's or business objects (a system user is granted and denied access to 
individual properties or sets of properties) (column 3, lines45-50). 
Claim 6: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 , above and further discloses that the data 
store provides a default or determined security information related to a class (the 
access control list contains zero or more access control entries, which define the 
access control applied to the object) (column 8, lines34-38). 
Claim 9: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 , above and further comprises a management 
portal to facilitate authorization (file system manger maintains and coordinates 
access to file system) (column 7, lines 25-29). 
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Claim 10: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim.1 , above and further comprises a component 
to provide an explicit security mapping for an object the access control list 
contains zero or more access control entries, which define the access control 
applied to the object. Each entry in the list defines a set of permission to be 
applied to a particular UUSERID or GROUPID with respect to either the object as 
a whole or individual properties of object. Desirably the order of entries in the 
access control list is significant) (column 8, lines 35-55). 
Claim 11: Garg et al discloses a system to provide access control to Individual 
properties of an object as in claim 1 , above and further comprises a component 
to enable an implicit security mapping from an explicit mapped object or to 
derive an implicit security permission by utilizing related objects(security 
descriptor provides details on the security and access control applicable to object 
(column 8, lines 25-30). 

Claim 12: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 , above and further discloses that the 
authorization employs operating system identities to facilitates security 
authorization procedure (security descriptor contains various properties including 
the owner security identifier and access control list) (column 8, lines27-30). 

12. Claims 18-32 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Corrigan et al . (US 6640097). 
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Claim 18: Corriqan et al discloses a system to provide access control to 
individual properties of an object comprising: 

a. Storing one or more security options in a database, the security 
options related to automate billing and provisioning system wherein the 
security options include at least one of a restricted audience offer or 
conversion of a subscription from a first type to a second type (column 4, 
lines 22-25, column 5 lines 11-40, column 10 line 66 to column 1 1 line 9) 
(column 2 lines 65-69, column 3 lines1-3); 

b. Assigning security options to a class (the platform comprises 
means for controlling mobile subscriber access according to the security 
criteria) (column 2, lines 9-15); and 

c. Inheriting the security options by object members of the class 
(verification of subscriber access rights is an intrinsic part of the session 
management functions provided by the portal (column 9. lines 17-20). 

Claim 19: Corrigan et al discloses a system to provide access control to 
individual properties of an object as in claim 18 above, and further comprises at 
least one of explicit and implicit assigning the security options to object members 
of a class (security future such as white list or blacklist are used to authenticates 
access to particular services (column 5, lines 27-30). 
Claim 20: Corrigan et al discloses a system to provide access control to 
individual properties of an object as in claim 18 above, and further comprises 
accessing database via an application programming interface (in one 
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embodiment, the portal comprises a secure web-bases self provisioning interface 
comprising means for setting mobile network subscriber s to select a portfolio of 
personalized services (column 2, lines53-57). 

Claim 21 : Corriqan et al discloses a system to provide access control to 
individual properties of an object as in claim 20 above, and further authorizes the 
API (the node controls all subscriber accesses to the network operator managed 
service portfolio and authenticates the ID to verify that the subscriber is 
authorized (column 5, lines 33-38). 

Claim 22: Corriqan et al discloses a system to provide access control to 
individual properties of an object as in claim 21 above, and further comprise 
returning an error code if an authorization procedure fails(the push server also 
support the push access protocol result notification. It will acknowledge 
successful or report unsuccessful transmission and delivery of the information 
pushed and return a status) (column 11, lines 10-15). 
Claim 23: Corriqan et al discloses a system to provide access control to 
individual properties of an object as in claim 21 above, and further comprises 
analyzing a simple object request (a mobile user service request reaches the 
node as URL request in http format, and the node presents a login screen. The 
user inputs access security codes and the node interfaces on the internet side to 
have the required content delivered) (column 4 lines 1-10). 
Claim 24: Corriqan et al discloses a system to provide access control to 
individual properties of an object as in claim 21 above, and further comprises 
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analyzing one or more security credentials (verification of subscriber access 
rights is an intrinsic part of the session management functions provided by the 
portal (column 9, lines 15-20). 

Claim 25: Corrigan et al discloses a system to provide access control to 
individual properties of an object as in claim 24 above, and comprises employing 
a cache to process the credentials (portal comprises a customer care 
provisioning interface and a provisioning database) (column 2, lines 65-68, fig 2) 
Claim 26: Corrigan etal discloses a system to provide access control to 
individual properties of an object as in claim 18 above, and further comprises a 
subscription platform service (the platform comprises means for controlling 
subscriber access according to security criteria (column 2, lines 5-10). 
Claim 27: Corrigan et al discloses a system to provide access control to 
individual properties of an object as in claim 18 above, and further discloses that 
the security options are associated with default security parameters (a generic 
subscriber class which is defined within the portal and represents common 
characteristics of all subscribers) (column 8, lines 44-48). 
Claim 28: Corrigan et al discloses a system to provide access control to 
individual properties of an object as in claim 18 above, and further comprises 
overriding default security parameters with other options (from the generic 
subscriber class are derived many subscriber sub-class that allow the portal to 
manage subscriber profiles across a wide range of different technologies) 
(column 8, lines 47-50). 
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Claim 29: Corriqan et al discloses a system to provide access control to 
Individual properties of an object as in claim 18 above, and further comprises 
employing an intermediate proxy that places call In a subscription on behalf of 
another tenant (the wireless application protocol (WAP) is a complete WAP 
capable mobile stations to access applications and services which may be 
hosted either within the network operator's own domain or in another location 
(column 10, lines 50-55). 

Claim 30: Corriqan et al discloses a system to provide access control to 

Individual properties of an object comprising: 

I. Means for authenticating at least one entity attempting access to an 
online billing and service (subscriber authentication) (column 4, line 33); 
ii. Means for authorizing the at least one entity (authorities subscriber 
access through white and black lists) (column 5, lines50-55)); and 
III. Means for associating a security parameter with at least one 
business object from a globalize region of database (the data structure 
includes an identifier used to indicated a specific object property or set of 
properties to which the permission apply) (column 3, lines 35-40). 



Claim 31: Corriqan etal discloses a system to provide access control to 
Individual properties of an object comprising: 
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i. An application programming interface packet to identify a partner 
(authenticates the subscriber ID to verify that the subscriber is authorized 
(column 5, lines35-40); 

ii. A security credential packet to facilitate authorization of the partner 
(Authorized subscriber access through white and black lists) (column 5, 
lines 50-55); and 

iii. A security parameter packet inherited by a business object to 
facilitate access to a subscription platform database ( the data structure 
includes an identifier used to indicated a specific object property or set of 
properties to which the permission apply) (column 3, lines 35-40). 

Claim 32: Corriqan at al discloses a system to provide access control to 

individual properties of an object comprising: 

i. At least one security field indicating global security parameters in a 
subscription platform database (Authorized subscriber access through 
white and black lists) (column 5, lines 50-55); 

II. At least one object field associated with an account in the database 
(the portal comprises means for instantiating a payment management 

class) (column 3, lines 25-30); and 

III. At least one class field to associate the security field object( the 
data structure includes an identifier used to indicated a specific object 



Application/Control Number: 10/729,515 Page 15 

Art Unit: 2136 

property or set of properties to which the permission apply) (column 3, 
lines 35-40). 



Claim Rejections - 35 USC § 103 

13. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 1 02 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

14. Claims 4, 7, 8,13-17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Corrigan et al (US6640097). 

Claim 4: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 above, but does not disclose that the system 
further comprise a subscription platform to facilitate automated billing an 
provisioning accounts. Corrigan et al discloses a similar system, which provides 
billing and tariff generation with configurable billing provisioning functions 
(column 4, lines 45-50). Therefore, it would have been obvious to one having 
ordinary skill in the art at the time of the invention was made to include 
subscription platform to facilitating automated billing and provisioning accounts. 
One would have been motivated to do so in order to facilitate accounts 
management. 
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Claim 7: Garg et al and Corrigan et al disclose a system to provide access 
control to individual properties of an object as in claim 6 above, and Corrigan et 
al further comprises a component to override the default security information with 
higher or different security options (from the generic subscriber class are derived 
many subscriber sub-class that allow the portal to manage subscriber profiles 
across a wide range of different technologies) (column 8, lines 47-50). It would 
have been obvious to one having ordinary skill in the art at the time of the 
invention was made for Garg et al to override default security with higher or 
different security options. One would have been motivated to do in order to 
make the system efficient. 

Claim 8: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 above, but does not explicitly disclose a 
component that supports proxies tenant callers. Corrigan et al discloses a 
similar system to provide access control to individual properties that further 
discloses a the wirejess application protocol (WAP) is a complete WAP capable 
mobile stations to access applications and services which may be hosted either 
within the network operator's own domain or in another location (column 10, lines 
50-55). Therefore, it would have been obvious to one having ordinary skill in the 
art at the time of the invention was made for Garg et al to support proxies tenant 
callers. One would have been motivated to do in order to make the system 
flexible. 
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Claim 13: Garq et al discloses a system to provide access control to individual 
properties of an object as in claim 1 above, but does not explicitly disclose that 
the system further comprises al least one of a sign-up API caller, an account 
management API caller, and a customer care API caller. Corriqan et al 
discloses a similar system to provide access control to individual properties that 
further discloses a customer care provisioning interface including a device 
provisioning function which enables the operator to ensure that content is 
matched to the device type (column 5, lines 10-15). Therefore, it would have 
been obvious to one having ordinary skill in the art at the time of the invention 
was made for Garq et al to include a customer care API caller. One would have 
been motivated to do in order to simplify service management. 
Claim 14: Garq et al discloses a system to provide access control to individual 
properties of an object as in claim 13 above, but does not explicitly disclose that 
the system further comprises al least one API related to at least of a sign-up API 
group, an account management API group, a customer care API group, and 
object designer API group. Corriqan et al discloses a similar system to provide 
access control to individual properties that further a customer care provisioning 
interface including a device provisioning function which enables the operator to 
ensure that content is matched to the device type (column 5, lines 10-15). 
Therefore, it would have been obvious to one having ordinary skill in the art at 
the time of the invention was for Garg et al made to include a customer care API 
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group. One would have been motivated to do in order to make the system 
efficient. 

Claim 15: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 above, but does not explicitly disclose that 
the system further comprises an authorization logic that determines whether an 
API can access an object via an access rights set. Corrigan et al discloses a 
similar system to provide access control to individual properties that further 
discloses a node acting as a service manager for mobile subscriber. It controls 
all subscriber accesses to the network operators managed service portfolio and 
authenticates the subscriber ID to verify that the subscriber is authorized to 
access a particular service before opening a secure connection (column 5, lines 
35-40). Therefore, it would have been obvious to one having ordinary skill .in the 
art at the time of the invention was made to include an authorization component 
in Garg etal . One would have been motivated to do so in order to restrict and 
control access to various components and services provides within the system. 
Claim 16: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 above, but does not explicitly disclose that 
the system further comprises at least one of a restricted audience offer, a 
conversion component, and a payment instrument component. Corrigan et al 
discloses a similar system to provide access control to individual properties that 
further discloses a payment management class from which are derived two sub- 
classes post-paid and pre-paid (column 10, lines 20-25). Therefore, it would 
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have been obvious to one having ordinary sl<ill in the art at the time of the 
invention was made for Garg et al to include a payment component. One would 
have been motivated to do so in order to restrict and control access to various 
components and services provides within the system. 
Claim 17: Garg et al discloses a system to provide access control to individual 
properties of an object as in claim 1 above, but does not explicitly disclose that 
the system further comprises a computer excusable instructions stored thereon 
to perform at least one of the platform component and the verification 
component. Corrigan et al discloses a similar system to provide access control 
to individual properties that further discloses a verification component (column 9, 
line15-20). Therefore, it would have been obvious to one having ordinary skill in 
the art at the time of the invention was made to include a verification component. 
One would have been motivated to do so in order to restrict and control access to 
various components and services provides within the system. 

Conclusion 

15. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Fatoumata Traore whose telephone number is (571) 
270-1685. The examiner can normally be reached Monday through Thursday from 7:00 
a.m. to 4:00 p.m. and every other Friday from 7:30 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nassar G. Moazzami, can be reached on (571) 272 4195. The fax phone 
number for Formal or Official faxes to Technology Center 2100 is (571) 273-8300. Draft 
or Informal faxes, which will not be entered in the application, may be submitted directly 
to the examiner at (571) 270-2685. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the Group Receptionist whose telephone number is 
(571)272-2100. 

FT Nassar G. Moazzami 

Monday July 9, 2007 Supervisory Patent Examiner 




